FAQ

FAQs for reports and tools

What kinds of reports can CloudSploit produce?
CloudSploit can produce cloud IaaS-level scan reports, printable (top-level summary) reports, compliance reports, trend reports, historical information repo...
Sun, 10 Nov, 2019 at 11:57 AM
How can I get a single-pane-of-glass view into all IaaS accounts connected to CloudSploit?
The CloudSploit Org-Wide Report enables single-pane-of-glass insight into all connected cloud IaaS accounts, with filters for regions and plugins. This repo...
Sun, 10 Nov, 2019 at 11:58 AM
Can I export my report data?
Yes. Scan reports can be exported as CSV or PDF. Org-Wide reports can be exported to CSV in multiple formats.
Mon, 27 Apr, 2020 at 8:48 AM
What is the CloudSploit CloudFormation scanner tool?
The CloudFormation Scanner tool is used to provide static analysis of CloudFormation templates to locate potential security risks that would be introduced b...
Sun, 10 Nov, 2019 at 11:58 AM
What kinds of findings does the CloudFormation scanner support?
The CloudFormation Scanner can locate misconfigurations in EC2, RDS, IAM, ElasticSearch, VPC, Redshift, SNS, and numerous other services.
Sun, 10 Nov, 2019 at 11:58 AM
Does the CloudFormation scanner support JSON and YAML CloudFormation templates?
Yes. Please note that YAML templates are converted to JSON using the cfn-flip utility, which may lack support for some custom AWS-specific YAML properties.
Sun, 10 Nov, 2019 at 11:59 AM
What limitations does the CloudFormation scanner have?
The CloudFormation Scanner can not currently follow complex conditional logic that uses CloudFormation references (Ref) or conditions (If). For example, a s...
Sun, 10 Nov, 2019 at 11:59 AM
What is the CloudSploit Live Run tool and how can it be used?
The Live Run tool allows users to run a single plugin against a connected cloud IaaS account and receive results in real-time, along with a copy of the API ...
Sun, 10 Nov, 2019 at 11:59 AM
What are the Cloud Visualizer tools?
CloudSploit’s cloud visualizers allow users to scan for common security risks (open S3 buckets, misconfigured IAM roles, etc) and view the results, with vis...
Sun, 10 Nov, 2019 at 11:59 AM
Does CloudSploit scan AWS S3 buckets for misconfigurations?
Yes. The AWS S3 Visualizer tool scans all S3 buckets for policy and ACL violations that would result in the bucket being publicly exposed.
Sun, 10 Nov, 2019 at 11:59 AM